Stay in touch

You are here

News Release

Contact

Exactly one year ago tomorrow, Equifax announced that hackers had breached its system and accessed the data of nearly 150 million U.S. consumers. To mark the anniversary of that notorious announcement, CALPIRG Education Fund is releasing a new report containing suggestions on how Congress, state officials and consumers can safeguard personal information.

"One year after announcing the worst data breach in history weeks after it knew about it, Equifax has yet to pay a price or provide consumers with the information and tools they need to adequately protect themselves," said Emily Rusch, executive director of CALPIRG. “This may not have been the biggest breach ever, but it’s the worst, because Equifax’s carelessness made it easier for bad guys to steal the identities of nearly 150 million consumers.”

The report, Equifax Breach: 1 Year Later – How to Protect Yourself Against ID Theft & Hold Equifax Accountable, includes the following features:

● A recap of the main governmental and civil actions against Equifax over the last year (which have so far failed to hold the company accountable).

● New materials, including charts and checklists, to help consumers understand how to best protect themselves against the very real threats of identity theft for the rest of their lives.

● A case for why we need both oversight and financial consequences to prevent future large-scale breaches.

The report contains charts, checklists and other tips to help consumers prevent and detect the types of identity theft and fraud made possible by the Equifax breach:

● New Account Fraud (including cell phone, credit card, loan, and utilities): Get credit freezes at all three nationwide credit bureaus -- Equifax, Experian, and TransUnion. A new federal law will eliminate fees for those credit freezes for consumers on September 21st, 2018.

The report also highlights the need for both penalties against and new oversight of Equifax to compensate the victims and prevent future breaches of this scale. Earlier this year, the California Department of Business Oversight and seven other states reached an agreement with Equifax to fix weaknesses in its data security operations. That’s a good start for the government oversight that big data aggregators like Equifax need. But state and federal officials have yet to fine Equifax for their egregious mistake, and few consumers have received any compensation for the time and cost of the increased threat that our personal data will fall into the hands of thieves - a threat that will stick with many of us for the rest of our lives.

The good news is that the California Consumer Privacy Act, signed into law earlier this summer, will help future consumers hold companies accountable when they are negligent with our data and we are victims of a breach. Unfortunately though, the law doesn’t apply retroactively to the Equifax breach.

“Ultimately, we are not the customers of Equifax or the other credit bureaus. We are their product. We did not ask or give them permission to collect or sell our personal information,” said Rusch. “We urge state and federal officials to levy hefty fines on Equifax to help encourage them and other companies to do a better job keeping our data secure. And we urge state and federal officials to give consumers even more control over who is able to buy, sell and store our own data, to better empower consumers to prevent fraud and identity theft.”

###

CALPIRG Education Fund is an independent, non-partisan group that works for consumers and the public interest. Through research, public education and outreach, we serve as counterweights to the influence of powerful special interests that threaten our health, safety, or well-being.